Linux random capabilities ...
I was talking to a friend, and he was describing the inability of PC-based
security devices to have proper pseudo-random number generation.
This sounded to me like it needed some investigation. My general question
is: has anyone ever heard of any type of cryptographic attack using
flaws in the random number generation? Is there (even theoretically) a possibility
of being able to guess those numbers? I know that some protocols add some
more randomness (like IPsec, using the last ciphered block in the entropy
pool etc.), but I'd like to have a clear idea on how secure those
Finally, I read here and there about some work on hardware random generation devices
(based on radioactivity readings, or diode-based devices or whatever); is
there anyone with some experience with those?
-> Jean-Francois Dive